The update of librack-ruby in DSA-2783-1 also addressed CVE-2013-0183.
The patch applied breaks rails applications like redmine (see Debian Bug
#727187). Updated packages are available to address this problem.

For reference, the original advisory text follows:

Several vulnerabilities were discovered in Rack, a modular Ruby
webserver interface. The Common Vulnerabilites and Exposures project
identifies the following vulnerabilities:

CVE-2011-5036

Rack computes hash values for form parameters without restricting
the ability to trigger hash collisions predictably, which allows
remote attackers to cause a denial of service (CPU consumption)
by sending many crafted parameters.

CVE-2013-0184

Vulnerability in Rack::Auth::AbstractRequest allows remote
attackers to cause a denial of service via unknown vectors.